"Tactical" /24 announcements
Jon Lewis
jlewis at lewis.org
Thu Aug 12 18:09:25 UTC 2021
On Thu, 12 Aug 2021, William Herrin wrote:
> On Thu, Aug 12, 2021 at 9:41 AM Hank Nussbacher <hank at interall.co.il> wrote:
>> On 12/08/2021 17:59, William Herrin wrote:
>>> If you prune the routes from the Routing Information Base instead, for
>>> any widely accepted size (i.e. /24 or shorter netmask) you break the
>>> Internet.
>>
>> How does this break the Internet? I would think it would just result in
>> sub-optimal routing (provided there is a covering larger prefix) but
>> everything should continue to work. Clue me in, please.
>
> A originates 10.0.0.0/16 to paid transit C
> B originates 10.0.1.0/24 also to paid transit C
> C offers both routes to D. D discards 10.0.1.0/24 from the RIB based
> on same-next-hop
> You peer with A and D. You receive only 10.0.0.0/16 since A doesn't
> originate 10.0.1.0/24 and D has discarded it.
> You send packets for 10.0.1.0/24 to A (the shortest path for
> 10.0.0.0/16), stealing A's paid transit to C to get to B.
> Unless A filters C-bound packets purportedly from 10.0.1.0/24. B
> doesn't currently transit for A so from B's perspective that's not an
> allowed path. In which case, your path to 10.0.1.0/24 is black holed.
>
> D broke the Internet. If packets from you reach A at all, they do so
> through an unpermitted path.
A originated the /16 and should be prepared to deal with all bits to IPs
within it.
What's worse is when A originates/advertises the /16 to C. A also
advertises the /24(s) only to other transits D, E, and F. C's peers that
don't see the subnets send traffic to C that C then has to send out via
transit to reach D, E, or F. I've been C :( We asked A to make it stop.
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
StackPath, Sr. Neteng | therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the NANOG
mailing list